General

  • Target

    2025-07-03_9a75086314fd1edcd84f903efb58d130_amadey_elex_gcleaner_redline-stealer_rhadamanthys_smoke-loader_stop

  • Size

    72KB

  • Sample

    250703-gnrvtafm3v

  • MD5

    9a75086314fd1edcd84f903efb58d130

  • SHA1

    d58089d5892b766dbf969bafe1663b6132fcef55

  • SHA256

    2b527bd4ffb7693d96807c7180c1bd21e35cb2671184290aa9f9dbfd0a168b7c

  • SHA512

    ee8660d857efe2162fae1a2cc2308d0df12fe47b5ffdac2aae7247b6f7cb9ae17a725ffeb65eb7e2c939be088f8b056901da7dd6d621d16457e11e0322307494

  • SSDEEP

    768:+00UHf57LnWykdBdusOAL/2DH9owR97k9/l4ElXYWFoHiPI6zDwdT6cBJhFd/B5Y:+00URPnKfZrT2DawRR8JfP3QZB355B/

Malware Config

Targets

    • Target

      2025-07-03_9a75086314fd1edcd84f903efb58d130_amadey_elex_gcleaner_redline-stealer_rhadamanthys_smoke-loader_stop

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16

Tasks